General

  • Target

    c0813ea36f4e0c784504095dd6979edc_JaffaCakes118

  • Size

    575KB

  • Sample

    240825-l57ptaycqf

  • MD5

    c0813ea36f4e0c784504095dd6979edc

  • SHA1

    97a8afe32535c19261e0267a66af28a17c9268d4

  • SHA256

    adc621e6c68c2474ffd5f7f5c1f0d6d8666e4829a7593e6041b8aa4ba116419c

  • SHA512

    e78205f6846dbc9500d6c29dfee2e43382e269294d1d46592544fa1ceedf77edfb36b9ec374576bbbc4aa4bc96225106156daaff70805b60e93fb0b0349e25ca

  • SSDEEP

    12288:ryAYktRsevrqpLbFNPwM5j4pchFY2/i6neqGfQDpvtRRHociDC8CT8vSD:rQaRsmqNPwMZ46hFY2/5zGfGoZ96D

Malware Config

Targets

    • Target

      c0813ea36f4e0c784504095dd6979edc_JaffaCakes118


    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks